Access Control CSE 465 – Information Assurance Fall 2017 Adam Doupé Arizona State University http://adamdoupe.com

Example
  A university's academic integrity policy disallows cheating, including copying homework, with or without permission.
  A CSE class has students do homework on a shared server (similar to general.asu.edu).
  Student A forgets to read-protect the homework file; Student B copies the file.
  Who did something wrong?

Authorization: what can you do on the system?
  vs. Authentication (covered later): who are you?

Authorization, Trust, and Risk
  We need to manage authorization and trust in order to manage risk.
  Can you eliminate risk?

Authorization vs. Access Control
  Authorization is the policy; access control is the mechanism that enforces it.

Modeling Access Control
  Subjects S: things in the system that can act
  Objects O: assets in the system that are acted upon
  Rights R: what a subject can do to an object

Access Matrix Model
  (Slide figure: a matrix with subjects U and V as rows and objects F and G as columns; each cell holds the rights, drawn from r1 … r6, that the row subject has over the column object.)

Simplified UNIX Model
  Subjects are processes: p, q
  Objects are files: f, g
  Rights are read, write, execute, append, own: r, w, x, a, o

Access Control Matrix Model
          f      g
    p     rwo    r
    q     a      ro

Access Control Matrix
  Benefits
  Drawbacks

Implementation How to implement Access Control Matrix?

Access Control Lists (ACLs)
  Each column of the access matrix is stored with the object
    f: p: rwo, q: a
    g: p: r, q: ro

Capability Lists
  Each row of the access matrix is stored with the subject
    p: f: rwo, g: r
    q: f: a, g: ro

Relation
  The matrix stored as (Subject, Access, Object) triples
    p  r  f
    p  w  f
    p  o  f
    p  r  g
    q  a  f
    q  r  g
    q  o  g

ACL vs. Capability
  ACLs require authentication of subjects: the system must know who is asking before it can look the subject up in the object's list.
  Capabilities do not require authentication of subjects: possession of the capability is the authority.
  Capabilities must therefore be unforgeable, and their propagation (copying from one subject to another) must be controlled.

ACL vs. Capability
  (Slide figure: on a per-object basis each file, e.g. File a and File b under /project, carries its own list of "User: rights" entries; on a per-subject basis each user carries its own list of "File: rights" entries.)

ACL vs. Capability: Least Privilege
  Capabilities provide finer-grained least privilege with respect to subjects, especially dynamic, short-lived subjects created for specific tasks: each such subject carries only the capabilities it needs.

ACL vs. Capability: Access Review and Revocation
  Access review: ACLs are better for reviewing who can access an object; capabilities are better for reviewing what a subject can access.
  Revocation: ACLs are better for revocation on a per-object basis; capabilities are better for revocation on a per-subject basis.

Capability Lists: Granting Access
  p wants to grant q read access to file f. How to do this?
  Before:
    p: f: rwo, g: r
    q: f: a, g: ro
  After p hands q a read capability for f:
    p: f: rwo, g: r
    q: f: ar, g: ro
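The three representations on the preceding slides (ACL, capability list, relation) are views of one matrix, and the grant above is the owner of f adding a right to q's row. The following is an added example, not code from the lecture: it reproduces the slides' subjects p and q, objects f and g, and rights r/w/x/a/o; the AccessMatrix class, the delegate() owner check and the HMAC-signed capability token are my own constructions, the last illustrating what "unforgeable" means when a capability is a bearer token carrying no subject name.

```python
"""Access-control matrix with its ACL, capability and relation views."""
import hashlib
import hmac
import os
from collections import defaultdict


class AccessMatrix:
    """Sparse matrix: (subject, object) -> set of single-letter rights."""

    def __init__(self):
        self._cells = defaultdict(set)

    def grant(self, subject, obj, rights):
        self._cells[(subject, obj)].update(rights)

    def revoke(self, subject, obj, rights):
        self._cells[(subject, obj)].difference_update(rights)

    def allowed(self, subject, obj, right):
        return right in self._cells.get((subject, obj), set())

    def acl(self, obj):
        """ACL view: the column for obj, keyed by subject (stored with the object)."""
        return {s: "".join(sorted(rs))
                for (s, o), rs in self._cells.items() if o == obj and rs}

    def capabilities(self, subject):
        """Capability view: the row for subject, keyed by object (stored with the subject)."""
        return {o: "".join(sorted(rs))
                for (s, o), rs in self._cells.items() if s == subject and rs}

    def relation(self):
        """Relation view: the matrix flattened to (subject, access, object) triples."""
        return sorted((s, r, o) for (s, o), rs in self._cells.items() for r in rs)


def build_slide_matrix():
    """The 2x2 matrix from the slides: p owns f, q owns g."""
    m = AccessMatrix()
    m.grant("p", "f", "rwo")
    m.grant("p", "g", "r")
    m.grant("q", "f", "a")
    m.grant("q", "g", "ro")
    return m


def delegate(matrix, grantor, grantee, obj, right):
    """Grantor hands grantee a right on obj; only the owner may do so.

    Without this check any subject holding a right could pass it on, which is
    the uncontrolled propagation the slides warn about.
    """
    if not matrix.allowed(grantor, obj, "o"):
        raise PermissionError(f"{grantor} does not own {obj}")
    matrix.grant(grantee, obj, right)


# Capabilities as bearer tokens: no subject name inside, so presenting one needs
# no authentication of the subject, which is exactly why the token must be
# unforgeable. The key is assumed to be held only by the reference monitor.
SYSTEM_KEY = os.urandom(32)


def mint_capability(obj, rights):
    body = f"{obj}|{''.join(sorted(rights))}"
    tag = hmac.new(SYSTEM_KEY, body.encode(), hashlib.sha256).hexdigest()
    return f"{body}|{tag}"


def check_capability(token, obj, right):
    """True iff the token is authentic and names `right` on `obj`."""
    parts = token.split("|")
    if len(parts) != 3:
        return False
    cobj, rights, tag = parts
    expected = hmac.new(SYSTEM_KEY, f"{cobj}|{rights}".encode(),
                        hashlib.sha256).hexdigest()
    return hmac.compare_digest(tag, expected) and cobj == obj and right in rights


if __name__ == "__main__":
    m = build_slide_matrix()
    print("ACL of f:", m.acl("f"))                       # review per object
    print("capabilities of q:", m.capabilities("q"))     # review per subject
    delegate(m, "p", "q", "f", "r")                      # p grants q read on f
    print("capabilities of q after grant:", m.capabilities("q"))
    cap = mint_capability("f", "r")
    print("genuine token accepted:", check_capability(cap, "f", "r"))
    print("forged token rejected:", not check_capability("f|rw|" + "0" * 64, "f", "w"))
```

Reviewing f means one lookup in the ACL view, reviewing q one lookup in the capability view; the relation view makes neither cheap but is what a database-backed authorization table usually looks like.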

UNIX ACL
  12 permission bits for each file, logically grouped into 4 sets of three bits each: _ _ _ | _ _ _ | _ _ _ | _ _ _
  First 3 bits: SUID, SGID, sticky bit
  The next three sets apply to the file's owner, to users in the file's group, and to all other users respectively; each set is read, write, execute
  Sticky bit set on a directory means that users can create files in the directory but can only delete or rename the files they own (the directory owner and root excepted). On regular files it is not relevant today; it comes from old UNIX, where it kept the program image around after it exited so it loaded faster.
  ls -la shows the execute position of each set as: x when execute is set; s when execute and setuid (or setgid) are both set; S when setuid (or setgid) is set but execute is not; t (only in the "other" position) when the sticky bit and execute are both set; T when the sticky bit is set but execute is not
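The s/S and t/T cases above are easy to misread in audit output, so here is the rendering logic written out. This is an added example, not from the lecture; the mode values are constructed to exercise each special-bit case, and mode_string() and audit_flags() are my names.

```python
"""Render UNIX mode bits the way `ls -l` does, including s/S and t/T."""
import stat

# (read, write, execute, special) bits for the owner, group and other triplets.
_TRIPLETS = (
    (stat.S_IRUSR, stat.S_IWUSR, stat.S_IXUSR, stat.S_ISUID),
    (stat.S_IRGRP, stat.S_IWGRP, stat.S_IXGRP, stat.S_ISGID),
    (stat.S_IROTH, stat.S_IWOTH, stat.S_IXOTH, stat.S_ISVTX),
)


def mode_string(mode):
    """Return the 9-character permission string for the low 12 mode bits."""
    out = []
    for i, (r, w, x, special) in enumerate(_TRIPLETS):
        out.append("r" if mode & r else "-")
        out.append("w" if mode & w else "-")
        executable = bool(mode & x)
        if mode & special:
            # The third triplet carries the sticky bit (t), the first two
            # setuid/setgid (s); lowercase when execute is also set, else uppercase.
            letter = "t" if i == 2 else "s"
            out.append(letter if executable else letter.upper())
        else:
            out.append("x" if executable else "-")
    return "".join(out)


def audit_flags(mode, is_dir=False):
    """Properties a reviewer wants flagged: special bits and world-writability."""
    flags = []
    if mode & stat.S_ISUID:
        flags.append("setuid")
    if mode & stat.S_ISGID:
        flags.append("setgid")
    if mode & stat.S_ISVTX:
        # On a directory the sticky bit restricts deletion to file owners;
        # on a regular file it has no meaning on modern systems.
        flags.append("sticky" if is_dir else "sticky-on-file (no effect)")
    if mode & stat.S_IWOTH:
        flags.append("world-writable")
    return flags


if __name__ == "__main__":
    # Constructed modes: plain, setuid with/without x, setgid, sticky dir with/without x.
    for m in (0o755, 0o4755, 0o4655, 0o2755, 0o1777, 0o1776):
        print(oct(m), mode_string(m), audit_flags(m, is_dir=bool(m & stat.S_ISVTX)))
```

The uppercase forms are the ones to look at twice: S means a setuid or setgid bit with no execute bit beneath it (harmless but usually a chmod mistake), and a world-writable directory without t lets any user delete other users' files.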

Other Access Control Ideas
  Content-dependent controls
    You can only see salaries less than 50K
    You can only see salaries of employees who report to you
  Context-dependent controls
    Cannot access sensitive information from a remote login
    Salary information can be updated only at year end
    Company's earnings report is confidential until announced at the stockholders' meeting

Types of Access Control
  Discretionary Access Control (DAC): the owner of the object controls who can access the object
  Mandatory Access Control (MAC): the system controls access to an object
  Originator Controlled Access Control: the originator of the object controls who can access the object

Mandatory Access Control
  Security levels
  Security categories
  Security labels

Security Levels
  Many organizations have a hierarchical relationship between the security sensitivity of their assets; one file might have the highest sensitivity
  Office environments: memos, reports, customer lists, backup data, each with a defined sensitivity and importance

Security Levels
  Need some way to tag data on a computer system: associate a security level with each entity
  What type of relationship? 1-1? 1-*?

Examples
  Military security levels: Top Secret, Secret, Confidential, Unclassified
  Commercial security levels: Restricted, Proprietary, Sensitive, Public

Policy
  What policy do we want our MAC to enforce? Let's use the military example: Top Secret > Secret > Confidential > Unclassified

Notation
  L(S) = l_S is the security clearance of subject S
  L(O) = l_O is the security classification of object O
  The security classifications are totally ordered: for l_i, i = 0, …, k-1, l_i < l_{i+1}

Security Conditions
  Simple-Security Condition (preliminary version): S can read O iff l_O ≤ l_S (no read up)
  *-Property (preliminary version): S can write O iff l_S ≤ l_O (no write down)

Examples
  (Slide figure: the military levels Top Secret > Secret > Confidential > Unclassified and the commercial levels Restricted > Proprietary > Sensitive > Public, with arrows showing that a subject may read downward, i.e. objects at or below its level, and write upward, i.e. objects at or above its level.)

Security Categories
  Security levels alone are too coarse-grained: not everyone cleared to a level needs every piece of information at that level
  Categories, e.g. NUC, NATO, ACE, are assigned to subjects on a need-to-know basis
  How to define the security policy now?

Notation
  A subject's or object's security level is now (L, C), where L is the level and C is the set of categories
  How do we compare subject S1 with object O1 for access?

Lattice (the subsets of {NUC, NATO, ACE}, ordered by inclusion)
  {NUC, NATO, ACE}
  {NUC, NATO}   {NUC, ACE}   {NATO, ACE}
  {NUC}   {NATO}   {ACE}
  {}

Bell-LaPadula Model
  The security level (L, C) dominates the security level (L', C') iff L' ≤ L and C' ⊆ C
  Simple-Security Condition: S can read O iff S dom O
  *-Property: S can write to O iff O dom S

Examples
  A has (TS, {ACE}); B has (S, {NATO, ACE})
  Can A: read (TS, {})? write (S, {ACE})? read (TS, {NATO, ACE})? write (TS, {ACE, NATO})?
  Can B: write (S, {NATO})? read (S, {ACE, NUC})? write (U, {})?
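The dominance relation and the two conditions, with the slide's questions worked through. This is an added example, not code from the slides; the levels and categories are the ones on the slides (U < C < S < TS; NUC, NATO, ACE), while Label, dom(), can_read(), can_write(), lub() and the level-only comparison are my own names. It also keeps the preliminary levels-only rule from the earlier slide, to show where categories change an answer.

```python
"""Bell-LaPadula labels: dominance, simple-security and the *-property."""
from dataclasses import dataclass
from itertools import combinations

LEVELS = {"U": 0, "C": 1, "S": 2, "TS": 3}
CATEGORIES = ("NUC", "NATO", "ACE")


@dataclass(frozen=True)
class Label:
    level: str
    cats: frozenset

    @staticmethod
    def of(level, *cats):
        return Label(level, frozenset(cats))

    def dom(self, other):
        """(L, C) dominates (L', C') iff L' <= L and C' is a subset of C."""
        return LEVELS[other.level] <= LEVELS[self.level] and other.cats <= self.cats


def can_read(subject, obj):
    """Simple-security condition: S may read O iff S dom O (no read up)."""
    return subject.dom(obj)


def can_write(subject, obj):
    """*-property: S may write O iff O dom S (no write down)."""
    return obj.dom(subject)


def can_read_level_only(subject, obj):
    """The preliminary, levels-only rule: l_O <= l_S. Ignores categories."""
    return LEVELS[obj.level] <= LEVELS[subject.level]


def lub(a, b):
    """Least upper bound: the lowest label that dominates both a and b.

    This is the label any object must carry once information from both
    a and b has flowed into it.
    """
    level = a.level if LEVELS[a.level] >= LEVELS[b.level] else b.level
    return Label(level, a.cats | b.cats)


def category_lattice():
    """All category sets from bottom {} to top: the lattice on the slide."""
    return [frozenset(c) for n in range(len(CATEGORIES) + 1)
            for c in combinations(CATEGORIES, n)]


def slide_examples():
    """The questions on the slide, answered. A = (TS, {ACE}); B = (S, {NATO, ACE})."""
    A = Label.of("TS", "ACE")
    B = Label.of("S", "NATO", "ACE")
    return {
        "A read (TS, {})": can_read(A, Label.of("TS")),
        "A write (S, {ACE})": can_write(A, Label.of("S", "ACE")),
        "A read (TS, {NATO, ACE})": can_read(A, Label.of("TS", "NATO", "ACE")),
        "A write (TS, {ACE, NATO})": can_write(A, Label.of("TS", "ACE", "NATO")),
        "B write (S, {NATO})": can_write(B, Label.of("S", "NATO")),
        "B read (S, {ACE, NUC})": can_read(B, Label.of("S", "ACE", "NUC")),
        "B write (U, {})": can_write(B, Label.of("U")),
    }


if __name__ == "__main__":
    for question, answer in slide_examples().items():
        print(f"{question:28} {'yes' if answer else 'no'}")
```

Note the third question: by level alone A (TS) may read anything at TS, but the missing NATO category denies the read; that is the need-to-know refinement the categories slide introduces.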

Other Types of Access Control
  Role Based Access Control (RBAC): a user's permissions are determined by the user's role rather than by identity (DAC) or clearance (MAC); a more natural expression of business logic
  Attribute Based Access Control (ABAC): users have attributes (age, ID number, group membership, etc.) and the policy is a complex Boolean expression over the attributes
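The content- and context-dependent rules from the "Other Access Control Ideas" slide are exactly the kind of Boolean expressions over attributes that ABAC is meant for, with the role of RBAC appearing as one attribute among others. The following is an added example, not code from the slides: the rules are the slide's own examples (salary under 50K, salary of a direct report, no sensitive data over a remote login, salary updates only at year end, earnings report confidential until announced), while the subjects, resources, role names and the deny-overrides combining order are my own constructions.

```python
"""Content- and context-dependent rules expressed as ABAC predicates."""
from dataclasses import dataclass
from datetime import date


@dataclass(frozen=True)
class Subject:
    uid: str
    roles: frozenset = frozenset()      # RBAC: the role is just one attribute
    reports: frozenset = frozenset()    # uids of employees reporting to this subject


@dataclass(frozen=True)
class Resource:
    kind: str                           # "salary" or "earnings_report"
    owner: str = ""                     # employee the salary record belongs to
    amount: int = 0
    sensitive: bool = False
    announced: bool = False             # earnings report made public yet?


@dataclass(frozen=True)
class Context:
    remote: bool = False                # request arrives over a remote login
    today: date = date(2017, 6, 1)      # constructed date for the examples


# Content-dependent rules look at the data itself; context-dependent rules look
# at how and when it is being accessed. Each rule is (name, predicate).
PERMIT = [
    ("salary under 50K",
     lambda s, r, a, c: a == "read" and r.kind == "salary" and r.amount < 50_000),
    ("salary of a direct report",
     lambda s, r, a, c: a == "read" and r.kind == "salary" and r.owner in s.reports),
    ("HR may update salaries at year end",
     lambda s, r, a, c: a == "update" and r.kind == "salary"
     and "hr" in s.roles and c.today.month == 12),
    ("earnings report readable once announced",
     lambda s, r, a, c: a == "read" and r.kind == "earnings_report"
     and (r.announced or "cfo" in s.roles)),
]
DENY = [
    ("no sensitive data over a remote login",
     lambda s, r, a, c: c.remote and r.sensitive),
]


def decide(subject, resource, action, ctx):
    """Deny-overrides: a matching deny rule wins, else the first matching permit, else deny."""
    for name, rule in DENY:
        if rule(subject, resource, action, ctx):
            return "deny", name
    for name, rule in PERMIT:
        if rule(subject, resource, action, ctx):
            return "permit", name
    return "deny", "no rule matched"


if __name__ == "__main__":
    alice = Subject("alice", roles=frozenset({"manager"}), reports=frozenset({"bob"}))
    bob_salary = Resource("salary", owner="bob", amount=120_000, sensitive=True)
    print(decide(alice, bob_salary, "read", Context()))              # permit: direct report
    print(decide(alice, bob_salary, "read", Context(remote=True)))   # deny: remote login
```

Returning the rule name with the decision is deliberate: an access log that records which rule fired is what makes an ABAC policy reviewable, which the final slide lists as an open problem for expressive policies.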

Research in Access Control
  Usability
  Flexibility
  Expressiveness
  Federation